Add secrets for helm upgrade#16432
Draft
sowmya-sl wants to merge 8 commits into
Draft
Conversation
- Add basicAuthSecretName parameter to GetChartFromURL and InstallChartFromURL - Build RegistryClient with basic auth credentials for OCI registry pulls - Extract shared registryClientOptions from GetOCIRegistry for reuse - Add applyBasicAuthFromSecret helper to read credentials from K8s Secret - Strip OCI version tags before LocateChart to prevent duplicate tag errors - Wire basic_auth_secret_name through HandleChartGet and HandleHelmInstallAsync - Add OCI basic auth test cases with zot registry and htpasswd auth
- Add typeahead secret dropdown to HelmURLChartForm
- Surface errors for invalid secrets with explanatory description
- Pass basicAuthSecretName through fetchChartData and install API calls
- Append namespace and basic_auth_secret_name to chart fetch query string
- Display selected secret as read-only field on the install confirmation step
- Add basicAuthSecretName to HelmURLChartFormData type and helm-utils
…stallForm - Remove stale useTheme import that caused TS6133 build error - Drop theme property from useHelmReadmeModalLauncher (not in Props type) - Pass namespace to HelmURLInstallForm for ResourceDropdownField
Move the empty-secret-name guard from applyBasicAuthFromSecret to its call sites in InstallChartFromURL and GetChartFromURL so the function can assume it always has work to do. Add test cases for missing secrets, malformed secrets (missing username/password keys), and wrong credentials over both OCI and HTTP. Replace exact error string matching with ErrorContains for more resilient assertions.
openshift-ci
Bot
added
the
do-not-merge/work-in-progress
Contributor
|
Skipping CI for Draft Pull Request. |
Contributor
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: sowmya-sl The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci
Bot
added
component/helm
sowmya-sl
force-pushed
the
add-secrets-for-helm-upgrade
branch
from
f474e13 to
424549f
Compare
Decouple GetOCIRegistry from action.Configuration so it returns the registry client directly, keeping GetActionConfigurations focused on REST/namespace plumbing. Consolidate secret-based auth into GetUserCredentials and applyBasicAuthFromUserCredentials for reuse across InstallChartFromURL and GetChartFromURL. Extract duplicated secret- watching logic from HelmURLChartForm and HelmURLInstallForm into a shared useSecretResources hook. Add test coverage for UserCredentials in GetOCIRegistry.
…ll form The second page (install form) shows the secret field as disabled. When no secret is selected, display "None" instead of "Select a secret" to clearly indicate that authentication is not configured.
sowmya-sl
force-pushed
the
add-secrets-for-helm-upgrade
branch
from
424549f to
c2dac6d
Compare
Use a RegistryClientSetter interface so applyBasicAuthFromUserCredentials works with both action.Install and action.Upgrade via their shared ChartPathOptions. Persist the basic-auth secret name as a chart annotation (helm.openshift.io/auth-secret) during install and propagate it on upgrade so authenticated registries remain accessible across the release lifecycle.
sowmya-sl
force-pushed
the
add-secrets-for-helm-upgrade
branch
from
c2dac6d to
92da9e3
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Analysis / Root cause:
Solution description:
Screenshots / screen recording:
Test setup:
Test cases:
Browser conformance:
Additional info:
Reviewers and assignees: